package com.st.security.custom;

import com.st.security.entities.SysPermission;
import com.st.security.entities.SysUser;
import com.st.security.service.SysPermissionService;
import com.st.security.service.SysUserService;
import org.apache.commons.collections.CollectionUtils;
import org.assertj.core.util.Lists;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @创建人: 放生
 * @创建时间: 2022/4/6
 * @描述:
 */
@Component("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {

    Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    PasswordEncoder passwordEncoder;

    @Autowired
    SysUserService sysUserService;

    @Autowired
    SysPermissionService sysPermissionService;

    @Autowired
    private RedisTemplate redisTemplate;


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        logger.info("请求认证的用户名：" + username);
        SysUser sysUser = sysUserService.findByUsername(username);
        if (sysUser == null) {
            throw new UsernameNotFoundException("用户或密码错误");
        }

        // 2. 查询该用户有哪一些权限
        List<SysPermission> sysPermissions = sysPermissionService.findByUserId(sysUser.getId());
        // 无权限
        if (CollectionUtils.isEmpty(sysPermissions)) {
            return sysUser;
        }

        // 3. 封装用户信息和权限信息
        List<GrantedAuthority> authorities = Lists.newArrayList();
        for (SysPermission sp : sysPermissions) {
            //权限标识
            authorities.add(new SimpleGrantedAuthority(sp.getCode()));
        }
        sysUser.setAuthorities(authorities);

        // 4. 交给 Spring Security 框架完成认证操作
        return sysUser;


//        // 1. 根据请求用户名向数据库中查询用户信息
//        if (!"fangsheng".equalsIgnoreCase(username)) {
//            throw new UsernameNotFoundException("用户名或密码错误");
//        }
//        // 如果有此用户信息, 假设数据库查询到的用户密码是 1234
//        String password = passwordEncoder.encode("1234");
//
//        // 2.查询用户拥有权限
//        // 3.封装用户信息: username用户名,password数据库中的密码,authorities资源权限标识符
//        // SpringSecurity 底层会校验是否身份合法。
//        String authorityString = "sys:user,sys:role,sys:user:add";
//        return new User(username, password,
//                AuthorityUtils.commaSeparatedStringToAuthorityList(authorityString));

    }


}
